Adobe said Monday that it had received reports of the bug being leveraged by hackers to attack Adobe Flash Player on Windows systems. This could be a big problem, because Flash Player is installed on most PCs and the flaw can be exploited to install malicious software on a victim's computer.

The FlashPlayer attacks are happening on the Web, but because Reader and Acrobat also use Flash, hackers could hit victims by tricking them into opening maliciously encoded PDFs. Adobe hasn't heard of any PDF-based attacks, though.

Adobe's update is for all supported operating systems.

Reader and Acrobat are set to be patched the week of Oct. 4.

Apple fixed a MacOS bug in the Apple File Protocol (AFP) that could give hackers access to files on the Mac even without the required password. "A remote attacker with knowledge of an account name on a target system may bypass the password validation and access AFP shared folders," Apple said in its security advisory.